openstack
/
salt-formula-kubernetes
Code Issues Proposed changes

set apiserver etcd-quorum-read 

Change-Id: I4f4f1feb8ca6e0ceee9ac4f17e9e9da80d2740e4
This commit is contained in:
Tomáš Kukrál 2017-01-24 11:59:35 +01:00
parent 09407cfa14
commit 4e72dfa728
No known key found for this signature in database
GPG Key ID: 6C859D7162E37242
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
kubernetes/files/manifest/kube-apiserver.manifest
View File

@ -27,6 +27,7 @@ spec:
--secure-port={{ master.apiserver.get('secure_port', '443') }}
--bind-address={{ master.apiserver.address }}
--token-auth-file=/srv/kubernetes/known_tokens.csv
--etcd-quorum-read=true
--v=2
--allow-privileged=True
1>>/var/log/kube-apiserver.log 2>&1

2
kubernetes/master/controller.sls
View File

@ -76,7 +76,7 @@
- user: root
- group: root
- mode: 644
- contents: DAEMON_ARGS=" --insecure-bind-address={{ master.apiserver.insecure_address }} --etcd-servers={% for member in master.etcd.members %}http://{{ member.host }}:4001{% if not loop.last %},{% endif %}{% endfor %} --admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota --service-cluster-ip-range={{ master.service_addresses }} --client-ca-file=/etc/kubernetes/ssl/ca-{{ master.ca }}.crt --basic-auth-file=/srv/kubernetes/basic_auth.csv --tls-cert-file=/etc/kubernetes/ssl/kubernetes-server.crt --tls-private-key-file=/etc/kubernetes/ssl/kubernetes-server.key --secure-port={{ master.apiserver.get('secure_port', '443') }} --bind-address={{ master.apiserver.address }} --token-auth-file=/srv/kubernetes/known_tokens.csv --v=2 --allow-privileged=True"
- contents: DAEMON_ARGS=" --insecure-bind-address={{ master.apiserver.insecure_address }} --etcd-servers={% for member in master.etcd.members %}http://{{ member.host }}:4001{% if not loop.last %},{% endif %}{% endfor %} --admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota --service-cluster-ip-range={{ master.service_addresses }} --client-ca-file=/etc/kubernetes/ssl/ca-{{ master.ca }}.crt --basic-auth-file=/srv/kubernetes/basic_auth.csv --tls-cert-file=/etc/kubernetes/ssl/kubernetes-server.crt --tls-private-key-file=/etc/kubernetes/ssl/kubernetes-server.key --secure-port={{ master.apiserver.get('secure_port', '443') }} --bind-address={{ master.apiserver.address }} --token-auth-file=/srv/kubernetes/known_tokens.csv --v=2 --allow-privileged=True --etcd-quorum-read=true"
/etc/default/kube-controller-manager:
file.managed: